Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
14 vulnerabilities found for server by tanium
CVE-2026-6408 (GCVE-0-2026-6408)
Vulnerability from nvd – Published: 2026-04-22 01:46 – Updated: 2026-04-22 12:49
VLAI?
Title
Tanium addressed an information disclosure vulnerability in Tanium Server.
Summary
Tanium addressed an information disclosure vulnerability in Tanium Server.
Severity ?
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tanium | Tanium Server |
Affected:
7.6.4.0 , < 7.6.4.2185
(custom)
Affected: 7.7.3.0 , < 7.7.3.8266 (custom) Affected: 7.8.2.0 , < 7.8.2.1168 (custom) |
Date Public ?
2026-04-22 01:46
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6408",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-22T12:48:18.544819Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T12:49:39.769Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Tanium Server",
"vendor": "Tanium",
"versions": [
{
"lessThan": "7.6.4.2185",
"status": "affected",
"version": "7.6.4.0",
"versionType": "custom"
},
{
"lessThan": "7.7.3.8266",
"status": "affected",
"version": "7.7.3.0",
"versionType": "custom"
},
{
"lessThan": "7.8.2.1168",
"status": "affected",
"version": "7.8.2.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2026-04-15T21:51:17.273Z",
"datePublic": "2026-04-22T01:46:17.259Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an information disclosure vulnerability in Tanium Server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T01:46:40.653Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2026-012",
"url": "https://security.tanium.com/TAN-2026-012"
}
],
"title": "Tanium addressed an information disclosure vulnerability in Tanium Server."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2026-6408",
"datePublished": "2026-04-22T01:46:40.653Z",
"dateReserved": "2026-04-15T21:51:17.871Z",
"dateUpdated": "2026-04-22T12:49:39.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15317 (GCVE-0-2025-15317)
Vulnerability from nvd – Published: 2026-02-09 21:43 – Updated: 2026-02-10 16:01
VLAI?
Title
Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server.
Summary
Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server.
Severity ?
6.5 (Medium)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tanium | Tanium Server |
Affected:
7.4.6.0 , < 7.4.6.1154
(custom)
Affected: 7.5.6.0 , < 7.5.6.1164 (custom) Affected: 7.6.2.0 , < 7.6.2.1303 (custom) Affected: 7.6.4.0 , < 7.6.4.2124 (custom) cpe:2.3:a:tanium:server:7.4.6.1153:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.5.6.1163:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.6.2.1302:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.6.4.2123:*:*:*:*:*:*:* |
Date Public ?
2025-03-18 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15317",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T16:00:52.783721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T16:01:34.788Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:server:7.4.6.1153:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.5.6.1163:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.6.2.1302:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.6.4.2123:*:*:*:*:*:*:*"
],
"product": "Tanium Server",
"vendor": "Tanium",
"versions": [
{
"lessThan": "7.4.6.1154",
"status": "affected",
"version": "7.4.6.0",
"versionType": "custom"
},
{
"lessThan": "7.5.6.1164",
"status": "affected",
"version": "7.5.6.0",
"versionType": "custom"
},
{
"lessThan": "7.6.2.1303",
"status": "affected",
"version": "7.6.2.0",
"versionType": "custom"
},
{
"lessThan": "7.6.4.2124",
"status": "affected",
"version": "7.6.4.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:12:56.967Z",
"datePublic": "2025-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-09T21:43:41.258Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-013",
"url": "https://security.tanium.com/TAN-2025-013"
}
],
"title": "Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15317",
"datePublished": "2026-02-09T21:43:41.258Z",
"dateReserved": "2025-12-29T23:12:57.132Z",
"dateUpdated": "2026-02-10T16:01:34.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15315 (GCVE-0-2025-15315)
Vulnerability from nvd – Published: 2026-02-09 21:48 – Updated: 2026-02-10 16:59
VLAI?
Title
Tanium addressed a local privilege escalation vulnerability in Tanium Module Server.
Summary
Tanium addressed a local privilege escalation vulnerability in Tanium Module Server.
Severity ?
6.7 (Medium)
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tanium | Tanium Module Server |
Affected:
7.5.6.0 , < 7.5.6.1161
(custom)
Affected: 7.4.6.0 , < 7.4.6.1151 (custom) Affected: 7.6.2.0 , < 7.6.2.1293 (custom) Affected: 7.6.4.0 , < 7.6.4.2114 (custom) cpe:2.3:a:tanium:moduleserver:7.5.6.1160:*:*:*:*:*:*:* cpe:2.3:a:tanium:moduleserver:7.4.6.1150:*:*:*:*:*:*:* cpe:2.3:a:tanium:moduleserver:7.6.2.1292:*:*:*:*:*:*:* cpe:2.3:a:tanium:moduleserver:7.6.4.2113:*:*:*:*:*:*:* |
Date Public ?
2025-02-21 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15315",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T16:58:41.692979Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T16:59:35.140Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:moduleserver:7.5.6.1160:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:moduleserver:7.4.6.1150:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:moduleserver:7.6.2.1292:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:moduleserver:7.6.4.2113:*:*:*:*:*:*:*"
],
"product": "Tanium Module Server",
"vendor": "Tanium",
"versions": [
{
"lessThan": "7.5.6.1161",
"status": "affected",
"version": "7.5.6.0",
"versionType": "custom"
},
{
"lessThan": "7.4.6.1151",
"status": "affected",
"version": "7.4.6.0",
"versionType": "custom"
},
{
"lessThan": "7.6.2.1293",
"status": "affected",
"version": "7.6.2.0",
"versionType": "custom"
},
{
"lessThan": "7.6.4.2114",
"status": "affected",
"version": "7.6.4.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:12:55.398Z",
"datePublic": "2025-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed a local privilege escalation vulnerability in Tanium Module Server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-09T21:48:49.693Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-011",
"url": "https://security.tanium.com/TAN-2025-011"
}
],
"title": "Tanium addressed a local privilege escalation vulnerability in Tanium Module Server."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15315",
"datePublished": "2026-02-09T21:48:49.693Z",
"dateReserved": "2025-12-29T23:12:55.559Z",
"dateUpdated": "2026-02-10T16:59:35.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15316 (GCVE-0-2025-15316)
Vulnerability from nvd – Published: 2026-02-09 21:48 – Updated: 2026-02-10 15:59
VLAI?
Title
Tanium addressed a local privilege escalation vulnerability in Tanium Server.
Summary
Tanium addressed a local privilege escalation vulnerability in Tanium Server.
Severity ?
6.7 (Medium)
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tanium | Tanium Server |
Affected:
7.4.6.0 , < 7.4.6.1151
(custom)
Affected: 7.5.6.0 , < 7.5.6.1161 (custom) Affected: 7.6.2.0 , < 7.6.2.1293 (custom) Affected: 7.6.4.0 , < 7.6.4.2114 (custom) cpe:2.3:a:tanium:server:7.4.6.1150:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.5.6.1160:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.6.2.1292:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.6.4.2113:*:*:*:*:*:*:* |
Date Public ?
2025-02-21 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15316",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T15:58:59.416693Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T15:59:23.904Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:server:7.4.6.1150:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.5.6.1160:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.6.2.1292:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.6.4.2113:*:*:*:*:*:*:*"
],
"product": "Tanium Server",
"vendor": "Tanium",
"versions": [
{
"lessThan": "7.4.6.1151",
"status": "affected",
"version": "7.4.6.0",
"versionType": "custom"
},
{
"lessThan": "7.5.6.1161",
"status": "affected",
"version": "7.5.6.0",
"versionType": "custom"
},
{
"lessThan": "7.6.2.1293",
"status": "affected",
"version": "7.6.2.0",
"versionType": "custom"
},
{
"lessThan": "7.6.4.2114",
"status": "affected",
"version": "7.6.4.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:12:56.161Z",
"datePublic": "2025-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed a local privilege escalation vulnerability in Tanium Server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-09T21:48:49.471Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-011",
"url": "https://security.tanium.com/TAN-2025-011"
}
],
"title": "Tanium addressed a local privilege escalation vulnerability in Tanium Server."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15316",
"datePublished": "2026-02-09T21:48:49.471Z",
"dateReserved": "2025-12-29T23:12:56.327Z",
"dateUpdated": "2026-02-10T15:59:23.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15322 (GCVE-0-2025-15322)
Vulnerability from nvd – Published: 2026-01-30 00:20 – Updated: 2026-02-05 16:00
VLAI?
Title
Tanium addressed an improper access controls vulnerability in Tanium Server.
Summary
Tanium addressed an improper access controls vulnerability in Tanium Server.
Severity ?
4.3 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tanium | Tanium Server |
Affected:
7.6.2.0 , < 7.6.2.1327
(custom)
Affected: 7.6.4.0 , < 7.6.4.2160 (custom) Affected: 7.7.3.0 , < 7.7.3.8231 (custom) cpe:2.3:a:tanium:server:7.6.2.1326:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.6.4.2159:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.7.3.8230:*:*:*:*:*:*:* |
Date Public ?
2025-09-16 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15322",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-30T18:24:51.459482Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-30T18:25:12.901Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:server:7.6.2.1326:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.6.4.2159:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.7.3.8230:*:*:*:*:*:*:*"
],
"product": "Tanium Server",
"vendor": "Tanium",
"versions": [
{
"lessThan": "7.6.2.1327",
"status": "affected",
"version": "7.6.2.0",
"versionType": "custom"
},
{
"lessThan": "7.6.4.2160",
"status": "affected",
"version": "7.6.4.0",
"versionType": "custom"
},
{
"lessThan": "7.7.3.8231",
"status": "affected",
"version": "7.7.3.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:13:01.592Z",
"datePublic": "2025-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an improper access controls vulnerability in Tanium Server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T16:00:17.135Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-028",
"url": "https://security.tanium.com/TAN-2025-028"
}
],
"title": "Tanium addressed an improper access controls vulnerability in Tanium Server."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15322",
"datePublished": "2026-01-30T00:20:57.307Z",
"dateReserved": "2025-12-29T23:13:02.373Z",
"dateUpdated": "2026-02-05T16:00:17.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6408 (GCVE-0-2026-6408)
Vulnerability from cvelistv5 – Published: 2026-04-22 01:46 – Updated: 2026-04-22 12:49
VLAI?
Title
Tanium addressed an information disclosure vulnerability in Tanium Server.
Summary
Tanium addressed an information disclosure vulnerability in Tanium Server.
Severity ?
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tanium | Tanium Server |
Affected:
7.6.4.0 , < 7.6.4.2185
(custom)
Affected: 7.7.3.0 , < 7.7.3.8266 (custom) Affected: 7.8.2.0 , < 7.8.2.1168 (custom) |
Date Public ?
2026-04-22 01:46
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6408",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-22T12:48:18.544819Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T12:49:39.769Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Tanium Server",
"vendor": "Tanium",
"versions": [
{
"lessThan": "7.6.4.2185",
"status": "affected",
"version": "7.6.4.0",
"versionType": "custom"
},
{
"lessThan": "7.7.3.8266",
"status": "affected",
"version": "7.7.3.0",
"versionType": "custom"
},
{
"lessThan": "7.8.2.1168",
"status": "affected",
"version": "7.8.2.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2026-04-15T21:51:17.273Z",
"datePublic": "2026-04-22T01:46:17.259Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an information disclosure vulnerability in Tanium Server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T01:46:40.653Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2026-012",
"url": "https://security.tanium.com/TAN-2026-012"
}
],
"title": "Tanium addressed an information disclosure vulnerability in Tanium Server."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2026-6408",
"datePublished": "2026-04-22T01:46:40.653Z",
"dateReserved": "2026-04-15T21:51:17.871Z",
"dateUpdated": "2026-04-22T12:49:39.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15315 (GCVE-0-2025-15315)
Vulnerability from cvelistv5 – Published: 2026-02-09 21:48 – Updated: 2026-02-10 16:59
VLAI?
Title
Tanium addressed a local privilege escalation vulnerability in Tanium Module Server.
Summary
Tanium addressed a local privilege escalation vulnerability in Tanium Module Server.
Severity ?
6.7 (Medium)
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tanium | Tanium Module Server |
Affected:
7.5.6.0 , < 7.5.6.1161
(custom)
Affected: 7.4.6.0 , < 7.4.6.1151 (custom) Affected: 7.6.2.0 , < 7.6.2.1293 (custom) Affected: 7.6.4.0 , < 7.6.4.2114 (custom) cpe:2.3:a:tanium:moduleserver:7.5.6.1160:*:*:*:*:*:*:* cpe:2.3:a:tanium:moduleserver:7.4.6.1150:*:*:*:*:*:*:* cpe:2.3:a:tanium:moduleserver:7.6.2.1292:*:*:*:*:*:*:* cpe:2.3:a:tanium:moduleserver:7.6.4.2113:*:*:*:*:*:*:* |
Date Public ?
2025-02-21 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15315",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T16:58:41.692979Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T16:59:35.140Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:moduleserver:7.5.6.1160:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:moduleserver:7.4.6.1150:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:moduleserver:7.6.2.1292:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:moduleserver:7.6.4.2113:*:*:*:*:*:*:*"
],
"product": "Tanium Module Server",
"vendor": "Tanium",
"versions": [
{
"lessThan": "7.5.6.1161",
"status": "affected",
"version": "7.5.6.0",
"versionType": "custom"
},
{
"lessThan": "7.4.6.1151",
"status": "affected",
"version": "7.4.6.0",
"versionType": "custom"
},
{
"lessThan": "7.6.2.1293",
"status": "affected",
"version": "7.6.2.0",
"versionType": "custom"
},
{
"lessThan": "7.6.4.2114",
"status": "affected",
"version": "7.6.4.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:12:55.398Z",
"datePublic": "2025-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed a local privilege escalation vulnerability in Tanium Module Server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-09T21:48:49.693Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-011",
"url": "https://security.tanium.com/TAN-2025-011"
}
],
"title": "Tanium addressed a local privilege escalation vulnerability in Tanium Module Server."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15315",
"datePublished": "2026-02-09T21:48:49.693Z",
"dateReserved": "2025-12-29T23:12:55.559Z",
"dateUpdated": "2026-02-10T16:59:35.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15316 (GCVE-0-2025-15316)
Vulnerability from cvelistv5 – Published: 2026-02-09 21:48 – Updated: 2026-02-10 15:59
VLAI?
Title
Tanium addressed a local privilege escalation vulnerability in Tanium Server.
Summary
Tanium addressed a local privilege escalation vulnerability in Tanium Server.
Severity ?
6.7 (Medium)
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tanium | Tanium Server |
Affected:
7.4.6.0 , < 7.4.6.1151
(custom)
Affected: 7.5.6.0 , < 7.5.6.1161 (custom) Affected: 7.6.2.0 , < 7.6.2.1293 (custom) Affected: 7.6.4.0 , < 7.6.4.2114 (custom) cpe:2.3:a:tanium:server:7.4.6.1150:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.5.6.1160:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.6.2.1292:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.6.4.2113:*:*:*:*:*:*:* |
Date Public ?
2025-02-21 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15316",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T15:58:59.416693Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T15:59:23.904Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:server:7.4.6.1150:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.5.6.1160:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.6.2.1292:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.6.4.2113:*:*:*:*:*:*:*"
],
"product": "Tanium Server",
"vendor": "Tanium",
"versions": [
{
"lessThan": "7.4.6.1151",
"status": "affected",
"version": "7.4.6.0",
"versionType": "custom"
},
{
"lessThan": "7.5.6.1161",
"status": "affected",
"version": "7.5.6.0",
"versionType": "custom"
},
{
"lessThan": "7.6.2.1293",
"status": "affected",
"version": "7.6.2.0",
"versionType": "custom"
},
{
"lessThan": "7.6.4.2114",
"status": "affected",
"version": "7.6.4.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:12:56.161Z",
"datePublic": "2025-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed a local privilege escalation vulnerability in Tanium Server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-09T21:48:49.471Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-011",
"url": "https://security.tanium.com/TAN-2025-011"
}
],
"title": "Tanium addressed a local privilege escalation vulnerability in Tanium Server."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15316",
"datePublished": "2026-02-09T21:48:49.471Z",
"dateReserved": "2025-12-29T23:12:56.327Z",
"dateUpdated": "2026-02-10T15:59:23.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15317 (GCVE-0-2025-15317)
Vulnerability from cvelistv5 – Published: 2026-02-09 21:43 – Updated: 2026-02-10 16:01
VLAI?
Title
Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server.
Summary
Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server.
Severity ?
6.5 (Medium)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tanium | Tanium Server |
Affected:
7.4.6.0 , < 7.4.6.1154
(custom)
Affected: 7.5.6.0 , < 7.5.6.1164 (custom) Affected: 7.6.2.0 , < 7.6.2.1303 (custom) Affected: 7.6.4.0 , < 7.6.4.2124 (custom) cpe:2.3:a:tanium:server:7.4.6.1153:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.5.6.1163:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.6.2.1302:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.6.4.2123:*:*:*:*:*:*:* |
Date Public ?
2025-03-18 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15317",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T16:00:52.783721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T16:01:34.788Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:server:7.4.6.1153:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.5.6.1163:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.6.2.1302:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.6.4.2123:*:*:*:*:*:*:*"
],
"product": "Tanium Server",
"vendor": "Tanium",
"versions": [
{
"lessThan": "7.4.6.1154",
"status": "affected",
"version": "7.4.6.0",
"versionType": "custom"
},
{
"lessThan": "7.5.6.1164",
"status": "affected",
"version": "7.5.6.0",
"versionType": "custom"
},
{
"lessThan": "7.6.2.1303",
"status": "affected",
"version": "7.6.2.0",
"versionType": "custom"
},
{
"lessThan": "7.6.4.2124",
"status": "affected",
"version": "7.6.4.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:12:56.967Z",
"datePublic": "2025-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-09T21:43:41.258Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-013",
"url": "https://security.tanium.com/TAN-2025-013"
}
],
"title": "Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15317",
"datePublished": "2026-02-09T21:43:41.258Z",
"dateReserved": "2025-12-29T23:12:57.132Z",
"dateUpdated": "2026-02-10T16:01:34.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15322 (GCVE-0-2025-15322)
Vulnerability from cvelistv5 – Published: 2026-01-30 00:20 – Updated: 2026-02-05 16:00
VLAI?
Title
Tanium addressed an improper access controls vulnerability in Tanium Server.
Summary
Tanium addressed an improper access controls vulnerability in Tanium Server.
Severity ?
4.3 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tanium | Tanium Server |
Affected:
7.6.2.0 , < 7.6.2.1327
(custom)
Affected: 7.6.4.0 , < 7.6.4.2160 (custom) Affected: 7.7.3.0 , < 7.7.3.8231 (custom) cpe:2.3:a:tanium:server:7.6.2.1326:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.6.4.2159:*:*:*:*:*:*:* cpe:2.3:a:tanium:server:7.7.3.8230:*:*:*:*:*:*:* |
Date Public ?
2025-09-16 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15322",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-30T18:24:51.459482Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-30T18:25:12.901Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:server:7.6.2.1326:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.6.4.2159:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:server:7.7.3.8230:*:*:*:*:*:*:*"
],
"product": "Tanium Server",
"vendor": "Tanium",
"versions": [
{
"lessThan": "7.6.2.1327",
"status": "affected",
"version": "7.6.2.0",
"versionType": "custom"
},
{
"lessThan": "7.6.4.2160",
"status": "affected",
"version": "7.6.4.0",
"versionType": "custom"
},
{
"lessThan": "7.7.3.8231",
"status": "affected",
"version": "7.7.3.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:13:01.592Z",
"datePublic": "2025-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an improper access controls vulnerability in Tanium Server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T16:00:17.135Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-028",
"url": "https://security.tanium.com/TAN-2025-028"
}
],
"title": "Tanium addressed an improper access controls vulnerability in Tanium Server."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15322",
"datePublished": "2026-01-30T00:20:57.307Z",
"dateReserved": "2025-12-29T23:13:02.373Z",
"dateUpdated": "2026-02-05T16:00:17.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
FKIE_CVE-2025-15317
Vulnerability from fkie_nvd - Published: 2026-02-09 22:16 - Updated: 2026-03-09 18:07
Severity ?
Summary
Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server.
References
| URL | Tags | ||
|---|---|---|---|
| 3938794e-25f5-4123-a1ba-5cbd7f104512 | https://security.tanium.com/TAN-2025-013 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91EB38D2-72AA-4A2E-ACE7-E26FC5F55B52",
"versionEndExcluding": "7.4.6.1154",
"versionStartIncluding": "7.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BF66E3-B122-46F8-984B-82DF9D60614C",
"versionEndExcluding": "7.5.6.1164",
"versionStartIncluding": "7.5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5C1FE9C-336A-4926-8A61-E3A89F7CFEB4",
"versionEndExcluding": "7.6.2.1303",
"versionStartIncluding": "7.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "382C5DC9-D27C-4EDC-A9DD-4395CB1EB506",
"versionEndExcluding": "7.6.4.2124",
"versionStartIncluding": "7.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server."
},
{
"lang": "es",
"value": "Tanium abord\u00f3 una vulnerabilidad de consumo de recursos no controlado en Tanium Server."
}
],
"id": "CVE-2025-15317",
"lastModified": "2026-03-09T18:07:28.930",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"type": "Secondary"
}
]
},
"published": "2026-02-09T22:16:00.967",
"references": [
{
"source": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"tags": [
"Vendor Advisory"
],
"url": "https://security.tanium.com/TAN-2025-013"
}
],
"sourceIdentifier": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-15315
Vulnerability from fkie_nvd - Published: 2026-02-09 22:16 - Updated: 2026-03-09 18:08
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Tanium addressed a local privilege escalation vulnerability in Tanium Module Server.
References
| URL | Tags | ||
|---|---|---|---|
| 3938794e-25f5-4123-a1ba-5cbd7f104512 | https://security.tanium.com/TAN-2025-011 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tanium | module_server | * | |
| tanium | module_server | * | |
| tanium | module_server | * | |
| tanium | module_server | * | |
| tanium | server | * | |
| tanium | server | * | |
| tanium | server | * | |
| tanium | server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tanium:module_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B97AD57B-2F83-44C0-8C76-8537E7C621BF",
"versionEndExcluding": "7.4.6.1151",
"versionStartIncluding": "7.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:module_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B79B2A-0DCD-4307-8C99-5F0F45659299",
"versionEndExcluding": "7.5.6.1161",
"versionStartIncluding": "7.5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:module_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB0E603-7E00-4DB2-83A5-946E24D8CDAC",
"versionEndExcluding": "7.6.2.1293",
"versionStartIncluding": "7.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:module_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB017351-1F8D-498D-AE7A-CC1FEC20CB2E",
"versionEndExcluding": "7.6.4.2114",
"versionStartIncluding": "7.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33F5BF50-7066-4F64-BF29-CF04B1EE2AEB",
"versionEndExcluding": "7.4.6.1151",
"versionStartIncluding": "7.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38D2FF8C-95AD-416E-9958-D4B5F957BEC9",
"versionEndExcluding": "7.5.6.1161",
"versionStartIncluding": "7.5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7010294-61A9-42C2-82F5-388C9E226E32",
"versionEndExcluding": "7.6.2.1293",
"versionStartIncluding": "7.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8600B71-DC7F-452F-8CB9-DE30451CC9DB",
"versionEndExcluding": "7.6.4.2114",
"versionStartIncluding": "7.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed a local privilege escalation vulnerability in Tanium Module Server."
},
{
"lang": "es",
"value": "Tanium abord\u00f3 una vulnerabilidad de escalada de privilegios local en Tanium Module Server."
}
],
"id": "CVE-2025-15315",
"lastModified": "2026-03-09T18:08:28.133",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-02-09T22:16:00.660",
"references": [
{
"source": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"tags": [
"Vendor Advisory"
],
"url": "https://security.tanium.com/TAN-2025-011"
}
],
"sourceIdentifier": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2025-15316
Vulnerability from fkie_nvd - Published: 2026-02-09 22:16 - Updated: 2026-03-09 18:08
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Tanium addressed a local privilege escalation vulnerability in Tanium Server.
References
| URL | Tags | ||
|---|---|---|---|
| 3938794e-25f5-4123-a1ba-5cbd7f104512 | https://security.tanium.com/TAN-2025-011 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tanium | module_server | * | |
| tanium | module_server | * | |
| tanium | module_server | * | |
| tanium | module_server | * | |
| tanium | server | * | |
| tanium | server | * | |
| tanium | server | * | |
| tanium | server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tanium:module_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B97AD57B-2F83-44C0-8C76-8537E7C621BF",
"versionEndExcluding": "7.4.6.1151",
"versionStartIncluding": "7.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:module_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B79B2A-0DCD-4307-8C99-5F0F45659299",
"versionEndExcluding": "7.5.6.1161",
"versionStartIncluding": "7.5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:module_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB0E603-7E00-4DB2-83A5-946E24D8CDAC",
"versionEndExcluding": "7.6.2.1293",
"versionStartIncluding": "7.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:module_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB017351-1F8D-498D-AE7A-CC1FEC20CB2E",
"versionEndExcluding": "7.6.4.2114",
"versionStartIncluding": "7.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33F5BF50-7066-4F64-BF29-CF04B1EE2AEB",
"versionEndExcluding": "7.4.6.1151",
"versionStartIncluding": "7.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38D2FF8C-95AD-416E-9958-D4B5F957BEC9",
"versionEndExcluding": "7.5.6.1161",
"versionStartIncluding": "7.5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7010294-61A9-42C2-82F5-388C9E226E32",
"versionEndExcluding": "7.6.2.1293",
"versionStartIncluding": "7.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8600B71-DC7F-452F-8CB9-DE30451CC9DB",
"versionEndExcluding": "7.6.4.2114",
"versionStartIncluding": "7.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed a local privilege escalation vulnerability in Tanium Server."
},
{
"lang": "es",
"value": "Tanium abord\u00f3 una vulnerabilidad de escalada de privilegios local en Tanium Server."
}
],
"id": "CVE-2025-15316",
"lastModified": "2026-03-09T18:08:18.327",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-02-09T22:16:00.830",
"references": [
{
"source": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"tags": [
"Vendor Advisory"
],
"url": "https://security.tanium.com/TAN-2025-011"
}
],
"sourceIdentifier": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2025-15322
Vulnerability from fkie_nvd - Published: 2026-01-30 01:15 - Updated: 2026-03-09 18:08
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Tanium addressed an improper access controls vulnerability in Tanium Server.
References
| URL | Tags | ||
|---|---|---|---|
| 3938794e-25f5-4123-a1ba-5cbd7f104512 | https://security.tanium.com/TAN-2025-028 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65374119-2DF4-441C-898A-D7F58E4AD123",
"versionEndExcluding": "7.6.2.1327",
"versionStartIncluding": "7.6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8F9099-467D-43D0-A24A-FA58AA84DCE7",
"versionEndExcluding": "7.6.4.2160",
"versionStartIncluding": "7.6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tanium:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12134230-C477-4682-B64D-D69CC4DC47A8",
"versionEndExcluding": "7.7.3.8231",
"versionStartIncluding": "7.7.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an improper access controls vulnerability in Tanium Server."
},
{
"lang": "es",
"value": "Tanium abord\u00f3 una vulnerabilidad de controles de acceso inadecuados en Tanium Server."
}
],
"id": "CVE-2025-15322",
"lastModified": "2026-03-09T18:08:57.450",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-01-30T01:15:55.350",
"references": [
{
"source": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"tags": [
"Vendor Advisory"
],
"url": "https://security.tanium.com/TAN-2025-028"
}
],
"sourceIdentifier": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"type": "Secondary"
}
]
}